summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVivek Kumbhar <vkumbhar@mvista.com>2023-11-22 11:29:29 +0530
committerSteve Sakoman <steve@sakoman.com>2023-12-02 16:36:56 -1000
commit24121f969931ce1192ef923013929d0719cf22e1 (patch)
tree6524ee3a1322170174c1a30b348d1423d47276a6
parentf8a7dbd8fb3b7e8d224f65d5ac27481b13b7db18 (diff)
downloadpoky-24121f969931ce1192ef923013929d0719cf22e1.tar.gz
openssl: fix CVE-2023-5678 Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow
(From OE-Core rev: 6cd4c30a2811420159d72c2f0a9430f1f0294686) Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r--meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch180
-rw-r--r--meta/recipes-connectivity/openssl/openssl_3.0.12.bb1
2 files changed, 181 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch
new file mode 100644
index 0000000000..796a4f8be9
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch
@@ -0,0 +1,180 @@
1From db925ae2e65d0d925adef429afc37f75bd1c2017 Mon Sep 17 00:00:00 2001
2From: Richard Levitte <levitte@openssl.org>
3Date: Fri, 20 Oct 2023 09:18:19 +0200
4Subject: [PATCH] Make DH_check_pub_key() and DH_generate_key() safer yet
5
6We already check for an excessively large P in DH_generate_key(), but not in
7DH_check_pub_key(), and none of them check for an excessively large Q.
8
9This change adds all the missing excessive size checks of P and Q.
10
11It's to be noted that behaviours surrounding excessively sized P and Q
12differ. DH_check() raises an error on the excessively sized P, but only
13sets a flag for the excessively sized Q. This behaviour is mimicked in
14DH_check_pub_key().
15
16Reviewed-by: Tomas Mraz <tomas@openssl.org>
17Reviewed-by: Matt Caswell <matt@openssl.org>
18Reviewed-by: Hugo Landau <hlandau@openssl.org>
19(Merged from https://github.com/openssl/openssl/pull/22518)
20
21(cherry picked from commit ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6)
22
23Upstream-Status: Backport [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017]
24CVE: CVE-2023-5678
25Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
26---
27 crypto/dh/dh_check.c | 12 ++++++++++++
28 crypto/dh/dh_err.c | 3 ++-
29 crypto/dh/dh_key.c | 12 ++++++++++++
30 crypto/err/openssl.txt | 1 +
31 include/crypto/dherr.h | 2 +-
32 include/openssl/dh.h | 6 +++---
33 include/openssl/dherr.h | 3 ++-
34 7 files changed, 33 insertions(+), 6 deletions(-)
35
36diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
37index 7ba2bea..e20eb62 100644
38--- a/crypto/dh/dh_check.c
39+++ b/crypto/dh/dh_check.c
40@@ -249,6 +249,18 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)
41 */
42 int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
43 {
44+ /* Don't do any checks at all with an excessively large modulus */
45+ if (BN_num_bits(dh->params.p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
46+ ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE);
47+ *ret = DH_MODULUS_TOO_LARGE | DH_CHECK_PUBKEY_INVALID;
48+ return 0;
49+ }
50+
51+ if (dh->params.q != NULL && BN_ucmp(dh->params.p, dh->params.q) < 0) {
52+ *ret |= DH_CHECK_INVALID_Q_VALUE | DH_CHECK_PUBKEY_INVALID;
53+ return 1;
54+ }
55+
56 return ossl_ffc_validate_public_key(&dh->params, pub_key, ret);
57 }
58
59diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
60index 4152397..f76ac0d 100644
61--- a/crypto/dh/dh_err.c
62+++ b/crypto/dh/dh_err.c
63@@ -1,6 +1,6 @@
64 /*
65 * Generated by util/mkerr.pl DO NOT EDIT
66- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
67+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
68 *
69 * Licensed under the Apache License 2.0 (the "License"). You may not use
70 * this file except in compliance with the License. You can obtain a copy
71@@ -54,6 +54,7 @@ static const ERR_STRING_DATA DH_str_reasons[] = {
72 {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR),
73 "parameter encoding error"},
74 {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"},
75+ {ERR_PACK(ERR_LIB_DH, 0, DH_R_Q_TOO_LARGE), "q too large"},
76 {ERR_PACK(ERR_LIB_DH, 0, DH_R_SHARED_INFO_ERROR), "shared info error"},
77 {ERR_PACK(ERR_LIB_DH, 0, DH_R_UNABLE_TO_CHECK_GENERATOR),
78 "unable to check generator"},
79diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
80index d84ea99..afc49f5 100644
81--- a/crypto/dh/dh_key.c
82+++ b/crypto/dh/dh_key.c
83@@ -49,6 +49,12 @@ int ossl_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
84 goto err;
85 }
86
87+ if (dh->params.q != NULL
88+ && BN_num_bits(dh->params.q) > OPENSSL_DH_MAX_MODULUS_BITS) {
89+ ERR_raise(ERR_LIB_DH, DH_R_Q_TOO_LARGE);
90+ goto err;
91+ }
92+
93 if (BN_num_bits(dh->params.p) < DH_MIN_MODULUS_BITS) {
94 ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_SMALL);
95 return 0;
96@@ -267,6 +273,12 @@ static int generate_key(DH *dh)
97 return 0;
98 }
99
100+ if (dh->params.q != NULL
101+ && BN_num_bits(dh->params.q) > OPENSSL_DH_MAX_MODULUS_BITS) {
102+ ERR_raise(ERR_LIB_DH, DH_R_Q_TOO_LARGE);
103+ return 0;
104+ }
105+
106 if (BN_num_bits(dh->params.p) < DH_MIN_MODULUS_BITS) {
107 ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_SMALL);
108 return 0;
109diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
110index e51504b..36de321 100644
111--- a/crypto/err/openssl.txt
112+++ b/crypto/err/openssl.txt
113@@ -500,6 +500,7 @@ DH_R_NO_PARAMETERS_SET:107:no parameters set
114 DH_R_NO_PRIVATE_VALUE:100:no private value
115 DH_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
116 DH_R_PEER_KEY_ERROR:111:peer key error
117+DH_R_Q_TOO_LARGE:130:q too large
118 DH_R_SHARED_INFO_ERROR:113:shared info error
119 DH_R_UNABLE_TO_CHECK_GENERATOR:121:unable to check generator
120 DSA_R_BAD_FFC_PARAMETERS:114:bad ffc parameters
121diff --git a/include/crypto/dherr.h b/include/crypto/dherr.h
122index bb24d13..519327f 100644
123--- a/include/crypto/dherr.h
124+++ b/include/crypto/dherr.h
125@@ -1,6 +1,6 @@
126 /*
127 * Generated by util/mkerr.pl DO NOT EDIT
128- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
129+ * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
130 *
131 * Licensed under the Apache License 2.0 (the "License"). You may not use
132 * this file except in compliance with the License. You can obtain a copy
133diff --git a/include/openssl/dh.h b/include/openssl/dh.h
134index 6533260..50e0cf5 100644
135--- a/include/openssl/dh.h
136+++ b/include/openssl/dh.h
137@@ -141,7 +141,7 @@ DECLARE_ASN1_ITEM(DHparams)
138 # define DH_GENERATOR_3 3
139 # define DH_GENERATOR_5 5
140
141-/* DH_check error codes */
142+/* DH_check error codes, some of them shared with DH_check_pub_key */
143 /*
144 * NB: These values must align with the equivalently named macros in
145 * internal/ffc.h.
146@@ -151,10 +151,10 @@ DECLARE_ASN1_ITEM(DHparams)
147 # define DH_UNABLE_TO_CHECK_GENERATOR 0x04
148 # define DH_NOT_SUITABLE_GENERATOR 0x08
149 # define DH_CHECK_Q_NOT_PRIME 0x10
150-# define DH_CHECK_INVALID_Q_VALUE 0x20
151+# define DH_CHECK_INVALID_Q_VALUE 0x20 /* +DH_check_pub_key */
152 # define DH_CHECK_INVALID_J_VALUE 0x40
153 # define DH_MODULUS_TOO_SMALL 0x80
154-# define DH_MODULUS_TOO_LARGE 0x100
155+# define DH_MODULUS_TOO_LARGE 0x100 /* +DH_check_pub_key */
156
157 /* DH_check_pub_key error codes */
158 # define DH_CHECK_PUBKEY_TOO_SMALL 0x01
159diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h
160index 5d2a762..074a701 100644
161--- a/include/openssl/dherr.h
162+++ b/include/openssl/dherr.h
163@@ -1,6 +1,6 @@
164 /*
165 * Generated by util/mkerr.pl DO NOT EDIT
166- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
167+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
168 *
169 * Licensed under the Apache License 2.0 (the "License"). You may not use
170 * this file except in compliance with the License. You can obtain a copy
171@@ -50,6 +50,7 @@
172 # define DH_R_NO_PRIVATE_VALUE 100
173 # define DH_R_PARAMETER_ENCODING_ERROR 105
174 # define DH_R_PEER_KEY_ERROR 111
175+# define DH_R_Q_TOO_LARGE 130
176 # define DH_R_SHARED_INFO_ERROR 113
177 # define DH_R_UNABLE_TO_CHECK_GENERATOR 121
178
179--
1802.40.1
diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.12.bb b/meta/recipes-connectivity/openssl/openssl_3.0.12.bb
index d8c9b073a2..395cace2ec 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.0.12.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.12.bb
@@ -12,6 +12,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
12 file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ 12 file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
13 file://afalg.patch \ 13 file://afalg.patch \
14 file://0001-Configure-do-not-tweak-mips-cflags.patch \ 14 file://0001-Configure-do-not-tweak-mips-cflags.patch \
15 file://CVE-2023-5678.patch \
15 " 16 "
16 17
17SRC_URI:append:class-nativesdk = " \ 18SRC_URI:append:class-nativesdk = " \